lp.crypt.casino Open in urlscan Pro
2606:4700:3030::681b:b9b2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://game-workshop.com/
Effective URL:
https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe...
Submission: On August 13 via manual (August 13th 2020, 8:56:54 am UTC) from GB

Summary HTTP 38 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3030::681b:b9b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp.crypt.casino.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 5th 2020. Valid for: a year.

This is the only time lp.crypt.casino was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	5.79.68.101 5.79.68.101	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 4	91.195.240.136 91.195.240.136	47846 (SEDO-AS) (SEDO-AS)
2	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
2	54.174.38.189 54.174.38.189	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:303... 2606:4700:3037::6812:3662	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3030::681b:b9b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.197.3.24 209.197.3.24	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
2	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	13.226.155.238 13.226.155.238	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.6 13.226.155.6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6812:2137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.29.101.194 52.29.101.194	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
38	18

2 5.79.68.101 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

game-workshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.195.240.136 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

ww1.game-workshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.38.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-38-189.compute-1.amazonaws.com

usa.caralla-ver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6812:3662 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cryptcasino.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3030::681b:b9b2 (United States)

ASN13335 (CLOUDFLARENET, US)

lp.crypt.casino	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.24 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x018.map2.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.238 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-238.dus51.r.cloudfront.net

www.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-6.dus51.r.cloudfront.net

accounts.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6812:2137 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.101.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-101-194.eu-central-1.compute.amazonaws.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	crypt.casino lp.crypt.casino	489 KB
6	game-workshop.com 3 redirects game-workshop.com ww1.game-workshop.com	6 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	32 KB
2	youtube.com www.youtube.com	1 KB
2	gravitec.media cdn.gravitec.media api.gravitec.media	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com	19 KB
2	binance.com 1 redirects www.binance.com accounts.binance.com	7 KB
2	gravitec.net cdn.gravitec.net	19 KB
2	caralla-ver.com usa.caralla-ver.com	3 KB
2	sedoparking.com img.sedoparking.com	31 KB
1	ytimg.com s.ytimg.com	33 KB
1	doubleclick.net stats.g.doubleclick.net	421 B
1	googleapis.com fonts.googleapis.com	626 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	jquery.com code.jquery.com	30 KB
1	cryptcasino.su 1 redirects cryptcasino.su	612 B
38	16

	Domain	Requested by
15	lp.crypt.casino	usa.caralla-ver.com lp.crypt.casino
4	ww1.game-workshop.com	2 redirects game-workshop.com
2	www.youtube.com	lp.crypt.casino s.ytimg.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	cdn.gravitec.net	lp.crypt.casino cdn.gravitec.net
2	www.gstatic.com	lp.crypt.casino
2	usa.caralla-ver.com	ww1.game-workshop.com usa.caralla-ver.com
2	img.sedoparking.com	ww1.game-workshop.com
2	game-workshop.com	1 redirects
1	s.ytimg.com	www.youtube.com
1	api.gravitec.media	cdn.gravitec.media
1	cdn.gravitec.media	cdn.gravitec.net
1	stats.g.doubleclick.net	lp.crypt.casino
1	fonts.gstatic.com	lp.crypt.casino
1	fonts.googleapis.com	lp.crypt.casino
1	accounts.binance.com	lp.crypt.casino
1	www.binance.com	1 redirects
1	www.googletagmanager.com	lp.crypt.casino
1	code.jquery.com	lp.crypt.casino
1	cryptcasino.su	1 redirects
38	20

This site contains links to these domains. Also see Links.

Domain
crypt.casino

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2020-02-06` - `2021-03-09`	a year	crt.sh
*.binance.com GeoTrust RSA CA 2018	`2020-01-07` - `2022-04-07`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
api.gravitec.media Let's Encrypt Authority X3	`2020-07-22` - `2020-10-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Frame ID: FB5F71ED7436E8DBD4D6FCD9BE10E8F3
Requests: 37 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zyIhuSgJwUM?rel=0&showinfo=0&ecver=2&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Flp.crypt.casino&widgetid=1
Frame ID: D083F4006D06765CF3CA54A212795F8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://game-workshop.com/ Page URL
http://game-workshop.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzM... HTTP 302
http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe Page URL
http://ww1.game-workshop.com/search/redirect.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a... HTTP 302
http://ww1.game-workshop.com/search/tcerider.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a... HTTP 302
http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea... Page URL
http://usa.caralla-ver.com/zcredirect?visitid=e51d15a6-dd42-11ea-b5e1-0a42615b5fff&type=js&browserWidth... Page URL
https://cryptcasino.su/click.php?key=2fpkpdpowgjagxosvrnw&cid=zre51d15a6dd4211eab5e10a42615b5fff9a9... HTTP 302
https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

38
Requests

82 %
HTTPS

55 %
IPv6

16
Domains

20
Subdomains

18
IPs

4
Countries

700 kB
Transfer

2274 kB
Size

9
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://crypt.casino/?cid=ac22cb7ikfyblf99
Title: Crypto Casino

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/video-ad?video=baccarat&cid=ac22cb7ikfyblf99
Title: Games

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/slots?cid=ac22cb7ikfyblf99
Title: Slots

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/multi-slots/crypto-slots?cid=ac22cb7ikfyblf99
Title: Crypto Slots

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/lucky-wheel/lucky-wheel?cid=ac22cb7ikfyblf99
Title: Lucky Wheel

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/dice?cid=ac22cb7ikfyblf99
Title: Dice

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/blackjack?cid=ac22cb7ikfyblf99
Title: Blackjack

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/baccarat?cid=ac22cb7ikfyblf99
Title: Baccarat

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/video-poker?cid=ac22cb7ikfyblf99
Title: Video Poker

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/american-roulette?cid=ac22cb7ikfyblf99
Title: American Roulette

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/roulette?cid=ac22cb7ikfyblf99
Title: European Roulette

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/american-bingo?cid=ac22cb7ikfyblf99
Title: 75 Ball Bingo

Search URL Search Domain Scan URL

URL: https://crypt.casino/games/keno?cid=ac22cb7ikfyblf99
Title: Keno

Search URL Search Domain Scan URL

URL: https://crypt.casino/history/recent?cid=ac22cb7ikfyblf99
Title: Recent games

Search URL Search Domain Scan URL

URL: https://crypt.casino/history/top-wins?cid=ac22cb7ikfyblf99
Title: Top wins

Search URL Search Domain Scan URL

URL: https://crypt.casino/history/top-losses?cid=ac22cb7ikfyblf99
Title: Top losses

Search URL Search Domain Scan URL

URL: https://crypt.casino/history/my?cid=ac22cb7ikfyblf99
Title: My games

Search URL Search Domain Scan URL

URL: https://crypt.casino/raffle?cid=ac22cb7ikfyblf99
Title: Raffle

Search URL Search Domain Scan URL

URL: https://crypt.casino/leaderboard?cid=ac22cb7ikfyblf99
Title: Leaderboard

Search URL Search Domain Scan URL

URL: https://crypt.casino/register?cid=ac22cb7ikfyblf99
Title: Sign up NOW

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/provably-fair?cid=ac22cb7ikfyblf99
Title: Provably fair

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/privacy-policy?cid=ac22cb7ikfyblf99
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/terms-of-use?cid=ac22cb7ikfyblf99
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/aml-policy?cid=ac22cb7ikfyblf99
Title: AML Policy

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/kyc-policy?cid=ac22cb7ikfyblf99
Title: KYC Policy

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/withdrawal-refund?cid=ac22cb7ikfyblf99
Title: Withdrawal Policy & Refund Policy

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/risk-disclosure?cid=ac22cb7ikfyblf99
Title: Risk Disclosure

Search URL Search Domain Scan URL

URL: https://crypt.casino/page/contact-us?cid=ac22cb7ikfyblf99
Title: Contact us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://game-workshop.com/ Page URL
http://game-workshop.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzMxNjE5NSwiaWF0IjoxNTk3MzA4OTk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb2xjZzRjc2tyMHZvdjRnZTQyYWsxNGIiLCJuYmYiOjE1OTczMDg5OTUsInRzIjoxNTk3MzA4OTk1ODI0MzU1fQ.YaBEmIHEfLGTmQ5In-7npSnE6CHUOUQrCT6uRABHWVI&sid=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe HTTP 302
http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe Page URL
http://ww1.game-workshop.com/search/redirect.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a6-dd42-11ea-b5e1-0a42615b5fff%3Fcampaignid%3Dc3d794c0-5361-11ea-9728-0a06ea97c507&v=MDg2NGZlODJjMzM3NTVhYjY2MGZmZGI2NDU0MDQ3MGUJMQl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTY1NS43NjQzMDUwNgl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTkyMS43NDAwNzYxNgkxNTk3MzA4OTk3CWFkXzMxXzA=&l=OAkwNWZjMDVkNDM2YTY2MzFjZjAyOWY3OTkwNTA1ODkwYwkwCTQ4CTAJYTFhZWYxNWU5Nzk2NjgyOGU2YTVkMmZkYWMyYWU5MjUJNjEyMDgwNjUJZ2FtZWJvb2tlcnMgb25saW5lIHNwb3J0cyBiZXR0aW5nCTExMDEJMzEJNwk1CTE1OTczMDg5OTcJMC4wMDA5NAlOCTAJMQkwCTExMzUJNjEyMDgwNjUJMTY1LjIzMS4xNDIuMzYJMA%3D%3D HTTP 302
http://ww1.game-workshop.com/search/tcerider.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a6-dd42-11ea-b5e1-0a42615b5fff%3Fcampaignid%3Dc3d794c0-5361-11ea-9728-0a06ea97c507&v=MDg2NGZlODJjMzM3NTVhYjY2MGZmZGI2NDU0MDQ3MGUJMQl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTY1NS43NjQzMDUwNgl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTkyMS43NDAwNzYxNgkxNTk3MzA4OTk3CWFkXzMxXzA=&l=OAkwNWZjMDVkNDM2YTY2MzFjZjAyOWY3OTkwNTA1ODkwYwkwCTQ4CTAJYTFhZWYxNWU5Nzk2NjgyOGU2YTVkMmZkYWMyYWU5MjUJNjEyMDgwNjUJZ2FtZWJvb2tlcnMgb25saW5lIHNwb3J0cyBiZXR0aW5nCTExMDEJMzEJNwk1CTE1OTczMDg5OTcJMC4wMDA5NAlOCTAJMQkwCTExMzUJNjEyMDgwNjUJMTY1LjIzMS4xNDIuMzYJMA%3D%3D HTTP 302
http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507 Page URL
http://usa.caralla-ver.com/zcredirect?visitid=e51d15a6-dd42-11ea-b5e1-0a42615b5fff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://cryptcasino.su/click.php?key=2fpkpdpowgjagxosvrnw&cid=zre51d15a6dd4211eab5e10a42615b5fff9a9406f5bb4b449b8f64f9c32daa73e40492320aabbb464a47&visit_cost=0.001350&target=zulu-ays-JFcKtPpc&campaign_id=1350699&geo=ZA&keyword=gamebookers+online+sports+betting+casino%2Cgame-workshop%2Cgame-workshop.com&source=porraceous-llama&match=&campaign_name=Crypto+Casino+RON+Multi&carrier=unknown&traffic_type=DOMAIN&visitor_type=NON-ADULT HTTP 302
https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://game-workshop.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzMxNjE5NSwiaWF0IjoxNTk3MzA4OTk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb2xjZzRjc2tyMHZvdjRnZTQyYWsxNGIiLCJuYmYiOjE1OTczMDg5OTUsInRzIjoxNTk3MzA4OTk1ODI0MzU1fQ.YaBEmIHEfLGTmQ5In-7npSnE6CHUOUQrCT6uRABHWVI&sid=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe HTTP 302
http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe

Request Chain 5

http://ww1.game-workshop.com/search/redirect.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a6-dd42-11ea-b5e1-0a42615b5fff%3Fcampaignid%3Dc3d794c0-5361-11ea-9728-0a06ea97c507&v=MDg2NGZlODJjMzM3NTVhYjY2MGZmZGI2NDU0MDQ3MGUJMQl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTY1NS43NjQzMDUwNgl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTkyMS43NDAwNzYxNgkxNTk3MzA4OTk3CWFkXzMxXzA=&l=OAkwNWZjMDVkNDM2YTY2MzFjZjAyOWY3OTkwNTA1ODkwYwkwCTQ4CTAJYTFhZWYxNWU5Nzk2NjgyOGU2YTVkMmZkYWMyYWU5MjUJNjEyMDgwNjUJZ2FtZWJvb2tlcnMgb25saW5lIHNwb3J0cyBiZXR0aW5nCTExMDEJMzEJNwk1CTE1OTczMDg5OTcJMC4wMDA5NAlOCTAJMQkwCTExMzUJNjEyMDgwNjUJMTY1LjIzMS4xNDIuMzYJMA%3D%3D HTTP 302
http://ww1.game-workshop.com/search/tcerider.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a6-dd42-11ea-b5e1-0a42615b5fff%3Fcampaignid%3Dc3d794c0-5361-11ea-9728-0a06ea97c507&v=MDg2NGZlODJjMzM3NTVhYjY2MGZmZGI2NDU0MDQ3MGUJMQl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTY1NS43NjQzMDUwNgl3dzEuZ2FtZS13b3Jrc2hvcC5jb201ZjM1MDA0NGMxZTkyMS43NDAwNzYxNgkxNTk3MzA4OTk3CWFkXzMxXzA=&l=OAkwNWZjMDVkNDM2YTY2MzFjZjAyOWY3OTkwNTA1ODkwYwkwCTQ4CTAJYTFhZWYxNWU5Nzk2NjgyOGU2YTVkMmZkYWMyYWU5MjUJNjEyMDgwNjUJZ2FtZWJvb2tlcnMgb25saW5lIHNwb3J0cyBiZXR0aW5nCTExMDEJMzEJNwk1CTE1OTczMDg5OTcJMC4wMDA5NAlOCTAJMQkwCTExMzUJNjEyMDgwNjUJMTY1LjIzMS4xNDIuMzYJMA%3D%3D HTTP 302
http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507

Request Chain 24

https://www.binance.com/en/register?ref=42224911 HTTP 301
https://accounts.binance.com/en/register?ref=42224911

Request Chain 31

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=544760706&t=pageview&_s=1&dl=https%3A%2F%2Flp.crypt.casino%2F%3Flp%3Dvideo-ad%26video%3Dbaccarat%26cid%3Dac22cb7ikfyblf99%26uclick%3Db7ikfybl%26uclickhash%3Db7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116&dr=http%3A%2F%2Fusa.caralla-ver.com%2Fzcredirect%3Fvisitid%3De51d15a6-dd42-11ea-b5e1-0a42615b5fff%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&ul=en-us&de=UTF-8&dt=Crypto%20Casino%20%7C%20Play%20with%20Crypt%20Casino%20and%20WIN%20Money%20Online%20!!!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAUABE~&jid=80142034&gjid=387076967&cid=552019219.1597308999&tid=UA-158742956-1&_gid=1101512524.1597308999&_r=1&gtm=2ou871&z=1257391224 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158742956-1&cid=552019219.1597308999&jid=80142034&_gid=1101512524.1597308999&gjid=387076967&_v=j81&z=1257391224

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
game-workshop.com/ 473 B
834 B 139ms
104ms Document
text/html 5.79.68.101
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://game-workshop.com/
Protocol: HTTP/1.1
Server: 5.79.68.101 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 972a128ca068db8ce66360a44534223aab38435f5ee2b09d009ff915e8773fa2

Request headers

Host: game-workshop.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 473
content-type: text/html; charset=utf-8
date: Thu, 13 Aug 2020 08:56:35 GMT
server: nginx
set-cookie: sid=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe; path=/; domain=.game-workshop.com; expires=Tue, 31 Aug 2088 12:10:42 GMT; max-age=2147483647; HttpOnly

GET
H/1.1

200
OK

/ Show response
ww1.game-workshop.com/
Redirect Chain

http://game-workshop.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU5NzMxNjE5NSwiaWF0IjoxNTk3MzA4OTk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyb2xjZzRjc2tyMHZvdjRnZTQyYWs...
http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe

4 KB
3 KB

694ms
659ms

Document
text/html

91.195.240.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
Requested by: Host: game-workshop.com
URL: http://game-workshop.com/
Protocol: HTTP/1.1
Server: 91.195.240.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash: 9c6997de44d59f9415446a6564d2209d986d747993e758ca5c252dbd4ec110c6

Request headers

Host: ww1.game-workshop.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://game-workshop.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: sid=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://game-workshop.com/

Response headers

date: Thu, 13 Aug 2020 08:56:37 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_vMRuwlCS7Yp6ZfJD/F5keTKYXp7vY/fkbxPfurdX15qDCpmX0NmC+/y91ymN5NkzEr1ts64Ut1OoFT4Y3bfGTQ==
last-modified: Thu, 13 Aug 2020 08:56:36 GMT
x-cache-miss-from: parking-58b66565b-6wvgq
server: NginX
content-encoding: gzip

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 13 Aug 2020 08:56:36 GMT
location: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
server: nginx
set-cookie: sid=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe; path=/; domain=.game-workshop.com; expires=Tue, 31 Aug 2088 12:10:43 GMT; max-age=2147483647; HttpOnly

GET
H/1.1 200
OK jquery-1.4.2.min.js Show response
img.sedoparking.com/js/ 52 KB
27 KB 116ms
80ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: http://img.sedoparking.com/js/jquery-1.4.2.min.js
Requested by: Host: ww1.game-workshop.com
URL: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e186f74c971a978c1daf20bb51a1b71bcb075d8d09d678ee1d12665c136b1487

Request headers

Referer: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 08:56:37 GMT
Content-Encoding: gzip
X-CF3: H
CF4ttl: 31536000.000
X-CFHash: "0d658c3f0a7efaa05a6fcee9758231b3"
X-CF1: 11696:fA.ams1:cf:cacheN.ams1-01:H
Connection: keep-alive
Content-Length: 26742
x-cf-tsc: 1579707038
X-CF2: H
Last-Modified: Thu, 28 Jun 2018 13:09:28 GMT
Server: CFS 0215
X-CFF: B
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF4Age: 3170441
Accept-Ranges: bytes
x-cf-rand: 67.845
Expires: Fri, 14 Aug 2020 08:56:37 GMT

GET
H/1.1 200
OK js_preloader.gif
img.sedoparking.com/images/ 4 KB
5 KB 119ms
84ms Image
image/gif 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.sedoparking.com/images/js_preloader.gif
Requested by: Host: ww1.game-workshop.com
URL: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

Request headers

Referer: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 08:56:37 GMT
X-CF3: H
CF4ttl: 31536000.000
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CF1: 11696:fB.ams1:cf:cacheN.ams1-01:H
Connection: keep-alive
Content-Length: 4254
x-cf-tsc: 1589303907
X-CF2: H
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
Server: CFS 0215
X-CFF: B
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
CF4Age: 1
Accept-Ranges: bytes
x-cf-rand: 73.002
Expires: Thu, 20 Aug 2020 08:56:37 GMT

GET
H/1.1 200
OK tsc.php
ww1.game-workshop.com/search/ 0
174 B 67ms
66ms XHR
text/html 91.195.240.136
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1.game-workshop.com/search/tsc.php?200=NjEyMDgwNjU=&21=MTY1LjIzMS4xNDIuMzY=&681=MTU5NzMwODk5NzBmZTllZDc5ZTdkZjVhNTQ1ZDg5YWU3OTUxZmE0OWNl&crc=045fc304ce550f71bf44f5f5b28b3845a2b3b3a1&cv=1
Requested by: Host: game-workshop.com
URL: http://game-workshop.com/
Protocol: HTTP/1.1
Server: 91.195.240.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash

Request headers

Accept: */*
Referer: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:37 GMT
x-cache-miss-from: parking-58b66565b-nft7z
server: NginX
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

e51d15a6-dd42-11ea-b5e1-0a42615b5fff
usa.caralla-ver.com/zcvisitor/
Redirect Chain

http://ww1.game-workshop.com/search/redirect.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a6-dd42-11ea-b5e1-0a42615b5fff%3Fcampaignid%3Dc3d794c0-5361-11ea-9728-0a06ea97c507&v=MDg2...
http://ww1.game-workshop.com/search/tcerider.php?f=http%3A%2F%2Fusa.caralla-ver.com%2Fzcvisitor%2Fe51d15a6-dd42-11ea-b5e1-0a42615b5fff%3Fcampaignid%3Dc3d794c0-5361-11ea-9728-0a06ea97c507&v=MDg2...
http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507

1008 B
2 KB

325ms
250ms

Document
text/html

54.174.38.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507

Requested by

Host: ww1.game-workshop.com
URL: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe

Protocol

HTTP/1.1

Server

54.174.38.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-38-189.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.caralla-ver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ww1.game-workshop.com/?sub1=e46c2c1c-dd42-11ea-a64b-fdb4cd0449fe

Response headers

Date: Thu, 13 Aug 2020 08:56:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic

Redirect headers

date: Thu, 13 Aug 2020 08:56:37 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 13 Aug 2020 08:56:37 GMT
location: http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507
x-cache-miss-from: parking-58b66565b-7cbqv
server: NginX

GET
H/1.1 200
OK zcredirect Show response
usa.caralla-ver.com/ 1 KB
2 KB 143ms
142ms Document
text/html 54.174.38.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://usa.caralla-ver.com/zcredirect?visitid=e51d15a6-dd42-11ea-b5e1-0a42615b5fff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: usa.caralla-ver.com
URL: http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507

Protocol

HTTP/1.1

Server

54.174.38.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-38-189.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

2029d434d1c786fc9784c6053d180704e05ae0106b54080b5bc9c784432ef847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: usa.caralla-ver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://usa.caralla-ver.com/zcvisitor/e51d15a6-dd42-11ea-b5e1-0a42615b5fff?campaignid=c3d794c0-5361-11ea-9728-0a06ea97c507

Response headers

Date: Thu, 13 Aug 2020 08:56:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H2

200

Primary Request / Show response
lp.crypt.casino/
Redirect Chain

https://cryptcasino.su/click.php?key=2fpkpdpowgjagxosvrnw&cid=zre51d15a6dd4211eab5e10a42615b5fff9a9406f5bb4b449b8f64f9c32daa73e40492320aabbb464a47&visit_cost=0.001350&target=zulu-ays-JFcKtPpc&campa...
https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

17 KB
4 KB

82ms
32ms

Document
text/html

2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Requested by: Host: usa.caralla-ver.com
URL: http://usa.caralla-ver.com/zcredirect?visitid=e51d15a6-dd42-11ea-b5e1-0a42615b5fff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2d0f169db61192bc2b48f4fd349b3276a0e153eff4494c2bf10a42253a5c7a

Request headers

:method: GET
:authority: lp.crypt.casino
:scheme: https
:path: /?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://usa.caralla-ver.com/zcredirect?visitid=e51d15a6-dd42-11ea-b5e1-0a42615b5fff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://usa.caralla-ver.com/zcredirect?visitid=e51d15a6-dd42-11ea-b5e1-0a42615b5fff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

status: 200
date: Thu, 13 Aug 2020 08:56:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dddaf8a4c23280e867c091e489558b2191597308998; expires=Sat, 12-Sep-20 08:56:38 GMT; path=/; domain=.crypt.casino; HttpOnly; SameSite=Lax; Secure
cf-cache-status: DYNAMIC
cf-request-id: 0488a22ba90000d705c213d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c2139590c3fd705-FRA
content-encoding: br

Redirect headers

status: 302
date: Thu, 13 Aug 2020 08:56:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d190caa678b34b8a6bdb85fb3b2158ddc1597308998; expires=Sat, 12-Sep-20 08:56:38 GMT; path=/; domain=.cryptcasino.su; HttpOnly; SameSite=Lax uclick=b7ikfybl; expires=Fri, 14-Aug-2020 08:56:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116; expires=Fri, 14-Aug-2020 08:56:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure;
location: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
cf-cache-status: DYNAMIC
cf-request-id: 0488a22b37000096f803a5b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c21395859bd96f8-FRA

GET
H2 200 analytics.js Show response
lp.crypt.casino/video-ad/js/ 44 KB
17 KB 20ms
18ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/analytics.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:53 GMT
server: cloudflare
age: 6791
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c2139595cd9d705-FRA
cf-request-id: 0488a22bda0000d705c2142200000001

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 40ms
39ms Script
application/javascript 209.197.3.24
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x018.map2.ssl.hwcdn.net
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Origin: https://lp.crypt.casino

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
status: 200
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1597308998.dop008.sk1.t,1597308998.cds002.sk1.hn,1597308998.cds073.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 dark-purple.css
lp.crypt.casino/video-ad/css/ 246 KB
37 KB 23ms
22ms Stylesheet
text/css 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/css/dark-purple.css
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5c99b27cdd87cb4673fe9aa93e905eb7bb1d211d31c6d25ecc5be8b3d70158

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:51 GMT
server: cloudflare
age: 6790
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c2139595cd3d705-FRA
cf-request-id: 0488a22bd90000d705c2140200000001

GET
H2 200 any-payments.css
lp.crypt.casino/video-ad/css/ 253 B
272 B 14ms
13ms Stylesheet
text/css 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/css/any-payments.css
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cedd4104d5504c690b9418933be3e2ad6137ee353eac8b10850d06755e9f938

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:51 GMT
server: cloudflare
age: 6790
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c2139595cd7d705-FRA
cf-request-id: 0488a22bd90000d705c2141200000001

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.0.1/ 25 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.0.1/firebase-app.js

Requested by

Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef5df124a5fdb52345c318a02e8e9f6128c67b40d01005e02d53218a64d37ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 07:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 May 2018 19:10:43 GMT
server: sffe
age: 438739
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8603
x-xss-protection: 0
expires: Sun, 08 Aug 2021 07:04:19 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.0.1/ 35 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.0.1/firebase-messaging.js

Requested by

Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d042eb2c6bd5195fbe9c18f8a70f0a603918c018c1b539cc204f85dc5abb6bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 02:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 May 2018 19:10:43 GMT
server: sffe
age: 24235
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10006
x-xss-protection: 0
expires: Fri, 13 Aug 2021 02:12:43 GMT

GET
H2 200 logo.png
lp.crypt.casino/video-ad/img/ 6 KB
6 KB 16ms
14ms Image
image/png 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.crypt.casino/video-ad/img/logo.png
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2aa34dd983c608e12d6da9412f72d08776248d615aff61898d4a6fc096899c5

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:52 GMT
server: cloudflare
age: 6774
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c213959ee02d705-FRA
content-length: 6371
cf-request-id: 0488a22c2d0000d705c2150200000001

GET
H2 200 crypt-casino-address.JPG
lp.crypt.casino/video-ad/img/ 10 KB
10 KB 16ms
15ms Image
image/jpeg 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.crypt.casino/video-ad/img/crypt-casino-address.JPG
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1575d4c59d3417b02770b24fde1346c0e62f3d3174a81bb3479c207198c08d

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:52 GMT
server: cloudflare
age: 6774
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c213959ee04d705-FRA
content-length: 10320
cf-request-id: 0488a22c2d0000d705c2151200000001

GET
H2 200 variables.js Show response
lp.crypt.casino/video-ad/js/ 208 B
239 B 14ms
13ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/variables.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f255b4bc15d4960d942a1fd4a6eedb11126092acbc9ddc937a4efc68cfc18510

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:55 GMT
server: cloudflare
age: 6790
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c2139598d38d705-FRA
cf-request-id: 0488a22bf30000d705c2147200000001

GET
H2 200 locale.js Show response
lp.crypt.casino/video-ad/js/ 1 KB
497 B 13ms
13ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/locale.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c23e757cd43a529b4ef726b6b25c216d3c8222db463b1b0ec0b79d91526635

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:55 GMT
server: cloudflare
age: 6789
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c2139599d66d705-FRA
cf-request-id: 0488a22c020000d705c2148200000001

GET
H2 200 manifest.js Show response
lp.crypt.casino/video-ad/js/ 800 B
484 B 11ms
10ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/manifest.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d539d5fb13daf683d0179d484c3c701b3514f9a3f0221f923222bafa9a5bd3c

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:55 GMT
server: cloudflare
age: 6789
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c213959bd9ad705-FRA
cf-request-id: 0488a22c100000d705c2149200000001

GET
H2 200 vendor.js Show response
lp.crypt.casino/video-ad/js/ 271 KB
86 KB 32ms
31ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/vendor.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 962e28ddd7aae7feac328f8c76b024ece5356237d0742d8e5f8c75f8d4d24a0e

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:56 GMT
server: cloudflare
age: 6789
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c213959dde3d705-FRA
cf-request-id: 0488a22c230000d705c214c200000001

GET
H2 200 app.js Show response
lp.crypt.casino/video-ad/js/ 1 MB
223 KB 39ms
39ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/app.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65216194969aef355b4cfa26b4a9bc66e349f02e3c1e7ff056e7409a3d537295

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:54 GMT
server: cloudflare
age: 6789
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c213959ddecd705-FRA
cf-request-id: 0488a22c280000d705c214d200000001

GET
H2 200 without-jquery.js Show response
lp.crypt.casino/video-ad/js/ 579 B
323 B 15ms
14ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/without-jquery.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e6a50485c11f5348928fd0481be6b019636137ea8fa1158636b1e32a8b07b4

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:56 GMT
server: cloudflare
age: 6789
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c213959edfdd705-FRA
cf-request-id: 0488a22c2d0000d705c214e200000001

GET
H2 200 any-payments.js Show response
lp.crypt.casino/video-ad/js/ 2 KB
588 B 15ms
14ms Script
application/javascript 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/video-ad/js/any-payments.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846364adf745c36a5c49b24cdb10bdc009e6f73af82954d25628c77000b5aa9c

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 15:54:53 GMT
server: cloudflare
age: 6774
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5c213959ee00d705-FRA
cf-request-id: 0488a22c2d0000d705c214f200000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 40ms
18ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158742956-1

Requested by

Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f685240b0f08b8a0d54bcbf4adf7da07b0d75f1ed6c901f9c769283d31c8127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35692
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Aug 2020 08:56:38 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/a3d89882a6e2ea197210cc5f3463ff65/ 63 KB
18 KB 142ms
68ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/a3d89882a6e2ea197210cc5f3463ff65/client.js
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bda02dddb98550df87131a604a48e26a0942095d3840e38ddaa91beacf7086d4

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
content-encoding: gzip
last-modified: Sat, 18 Jul 2020 17:14:45 GMT
server: nginx
status: 200
etag: W/"5f132e05-fdd1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 22 Jul 2020 16:10:15 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2

200

https://www.binance.com/en/register?ref=42224911
https://accounts.binance.com/en/register?ref=42224911

0
0

807ms
618ms

Script
text/html

13.226.155.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.binance.com/en/register?ref=42224911
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-6.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.crypt.casino/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

content-security-policy: default-src 'self'; block-all-mixed-content; script-src 'self' 'sha256-/fCUycOSPg5W5rt7pgbdlufk2T9mZRRPEsV2mct1B/I=' 'sha256-5N4Pp5UCHKbIUxXXFe+KDYsfhzhQXoIzN80eQ+jF9P4=' 'unsafe-eval' 'nonce-17a4991c0ed967a1898ea355dd52c5d9489e3869' https://*.zopim.com https://*.zopim.io https://api-na.geetest.com https://api.geetest.com https://beta.binance.com https://bin.bnbstatic.com https://cdn.ampproject.org https://ex.bnbstatic.com https://monitor.geetest.com https://resource.binance.com https://static.geetest.com https://static.zdassets.com https://translate.google.com https://translate.googleapis.com https://www.binance.com https://www.google-analytics.com https://www.google.com preprodbin.bnbstatic.com; style-src 'self' 'unsafe-inline' https://at.alicdn.com https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://resource.binance.com https://static.geetest.com https://translate.googleapis.com https://www.binance.com https://www.gstatic.com preprodbin.bnbstatic.com; font-src 'self' data: https://at.alicdn.com https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://fonts.gstatic.com https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://www.binance.com preprodbin.bnbstatic.com; connect-src 'self' *.fdgahl.cn https://*.zopim.com https://beta.binance.com https://bin-prod-ui-snapshot-customisation.s3.ap-northeast-1.amazonaws.com https://bin-tk-zendesk-userupload-chat-tmp-bucket.s3.ap-northeast-1.amazonaws.com https://bin.bnbstatic.com https://binance.zendesk.com https://ekr.zdassets.com https://ex.bnbstatic.com https://frontend-m.binance.cloud https://frontend-m.binance.cloud/monitor/v1/log https://i18n.bnbstatic.com https://jpush.binance.im:5000 https://pre-jpush.fdgahl.cn:5000 https://report.binance.gg https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://ss.datasconsole.com https://static-file-1259603563.file.myqcloud.com https://translate.googleapis.com https://www.binance.com https://www.google.com preprodbin.bnbstatic.com wss://*.zopim.com wss://binance.com.zendesk.com wss://bstream.binance.com:9443 wss://fstream.binance.com wss://jpush.binance.im:5000 wss://margin-stream.binance.com:9443 wss://stream.binance.com; img-src 'self' *.fdgahl.cn data: https://*.zopim.io https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://public.bnbstatic.com https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://static.geetest.com https://translate.google.com https://translate.googleapis.com https://www.binance.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com preprodbin.bnbstatic.com; media-src 'self' *.fdgahl.cn https://bin.bnbstatic.com https://public.bnbstatic.com https://static.zdassets.com https://v2.zopim.com; frame-src 'self' https://bin.bnbstatic.com https://static.zdassets.com https://www.google.com; object-src 'none'; base-uri 'self'
via: 1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 301
x-envoy-upstream-service-time: 5
content-length: 17406
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: Tengine
x-frame-options: SAMEORIGIN
date: Thu, 13 Aug 2020 08:56:39 GMT
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/html; charset=utf-8
location: https://accounts.binance.com/en/register?ref=42224911
cache-control: no-cache, no-store, must-revalidate
etag: W/"43fe-uTbAiElGA3TASNM08w9zovyGjaA"
x-webkit-csp: default-src 'self'; block-all-mixed-content; script-src 'self' 'sha256-/fCUycOSPg5W5rt7pgbdlufk2T9mZRRPEsV2mct1B/I=' 'sha256-5N4Pp5UCHKbIUxXXFe+KDYsfhzhQXoIzN80eQ+jF9P4=' 'unsafe-eval' 'nonce-17a4991c0ed967a1898ea355dd52c5d9489e3869' https://*.zopim.com https://*.zopim.io https://api-na.geetest.com https://api.geetest.com https://beta.binance.com https://bin.bnbstatic.com https://cdn.ampproject.org https://ex.bnbstatic.com https://monitor.geetest.com https://resource.binance.com https://static.geetest.com https://static.zdassets.com https://translate.google.com https://translate.googleapis.com https://www.binance.com https://www.google-analytics.com https://www.google.com preprodbin.bnbstatic.com; style-src 'self' 'unsafe-inline' https://at.alicdn.com https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://resource.binance.com https://static.geetest.com https://translate.googleapis.com https://www.binance.com https://www.gstatic.com preprodbin.bnbstatic.com; font-src 'self' data: https://at.alicdn.com https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://fonts.gstatic.com https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://www.binance.com preprodbin.bnbstatic.com; connect-src 'self' *.fdgahl.cn https://*.zopim.com https://beta.binance.com https://bin-prod-ui-snapshot-customisation.s3.ap-northeast-1.amazonaws.com https://bin-tk-zendesk-userupload-chat-tmp-bucket.s3.ap-northeast-1.amazonaws.com https://bin.bnbstatic.com https://binance.zendesk.com https://ekr.zdassets.com https://ex.bnbstatic.com https://frontend-m.binance.cloud https://frontend-m.binance.cloud/monitor/v1/log https://i18n.bnbstatic.com https://jpush.binance.im:5000 https://pre-jpush.fdgahl.cn:5000 https://report.binance.gg https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://ss.datasconsole.com https://static-file-1259603563.file.myqcloud.com https://translate.googleapis.com https://www.binance.com https://www.google.com preprodbin.bnbstatic.com wss://*.zopim.com wss://binance.com.zendesk.com wss://bstream.binance.com:9443 wss://fstream.binance.com wss://jpush.binance.im:5000 wss://margin-stream.binance.com:9443 wss://stream.binance.com; img-src 'self' *.fdgahl.cn data: https://*.zopim.io https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://public.bnbstatic.com https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://static.geetest.com https://translate.google.com https://translate.googleapis.com https://www.binance.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com preprodbin.bnbstatic.com; media-src 'self' *.fdgahl.cn https://bin.bnbstatic.com https://public.bnbstatic.com https://static.zdassets.com https://v2.zopim.com; frame-src 'self' https://bin.bnbstatic.com https://static.zdassets.com https://www.google.com; object-src 'none'; base-uri 'self'
x-amz-cf-id: 8s3d2pOYBryRg0YRBuk5yeSBzK5uiEUTuNd_8R6TdBDkModOopGmfg==
x-content-security-policy: default-src 'self'; block-all-mixed-content; script-src 'self' 'sha256-/fCUycOSPg5W5rt7pgbdlufk2T9mZRRPEsV2mct1B/I=' 'sha256-5N4Pp5UCHKbIUxXXFe+KDYsfhzhQXoIzN80eQ+jF9P4=' 'unsafe-eval' 'nonce-17a4991c0ed967a1898ea355dd52c5d9489e3869' https://*.zopim.com https://*.zopim.io https://api-na.geetest.com https://api.geetest.com https://beta.binance.com https://bin.bnbstatic.com https://cdn.ampproject.org https://ex.bnbstatic.com https://monitor.geetest.com https://resource.binance.com https://static.geetest.com https://static.zdassets.com https://translate.google.com https://translate.googleapis.com https://www.binance.com https://www.google-analytics.com https://www.google.com preprodbin.bnbstatic.com; style-src 'self' 'unsafe-inline' https://at.alicdn.com https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://resource.binance.com https://static.geetest.com https://translate.googleapis.com https://www.binance.com https://www.gstatic.com preprodbin.bnbstatic.com; font-src 'self' data: https://at.alicdn.com https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://fonts.gstatic.com https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://www.binance.com preprodbin.bnbstatic.com; connect-src 'self' *.fdgahl.cn https://*.zopim.com https://beta.binance.com https://bin-prod-ui-snapshot-customisation.s3.ap-northeast-1.amazonaws.com https://bin-tk-zendesk-userupload-chat-tmp-bucket.s3.ap-northeast-1.amazonaws.com https://bin.bnbstatic.com https://binance.zendesk.com https://ekr.zdassets.com https://ex.bnbstatic.com https://frontend-m.binance.cloud https://frontend-m.binance.cloud/monitor/v1/log https://i18n.bnbstatic.com https://jpush.binance.im:5000 https://pre-jpush.fdgahl.cn:5000 https://report.binance.gg https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://ss.datasconsole.com https://static-file-1259603563.file.myqcloud.com https://translate.googleapis.com https://www.binance.com https://www.google.com preprodbin.bnbstatic.com wss://*.zopim.com wss://binance.com.zendesk.com wss://bstream.binance.com:9443 wss://fstream.binance.com wss://jpush.binance.im:5000 wss://margin-stream.binance.com:9443 wss://stream.binance.com; img-src 'self' *.fdgahl.cn data: https://*.zopim.io https://beta.binance.com https://bin.bnbstatic.com https://ex.bnbstatic.com https://public.bnbstatic.com https://resource.binance.com https://sensors.binance.cloud https://sensors.binance.com https://static.geetest.com https://translate.google.com https://translate.googleapis.com https://www.binance.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com preprodbin.bnbstatic.com; media-src 'self' *.fdgahl.cn https://bin.bnbstatic.com https://public.bnbstatic.com https://static.zdassets.com https://v2.zopim.com; frame-src 'self' https://bin.bnbstatic.com https://static.zdassets.com https://www.google.com; object-src 'none'; base-uri 'self'

GET
H2 200 css
fonts.googleapis.com/ 2 KB
626 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b58d5490059a38ce2030dda0ee7328a793fcb05a163ceeea5b38ae4b8504b15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 07:55:53 GMT
server: ESF
date: Thu, 13 Aug 2020 08:56:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Aug 2020 08:56:38 GMT

GET
H2 200 flags.png
lp.crypt.casino/images/flags/ 27 KB
28 KB 15ms
15ms Image
image/png 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.crypt.casino/images/flags/flags.png
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94d5c7f1661301c4a6dc491d72dd559a0620cd917a826f0df1b023bb96ea9ddd

Request headers

Referer: https://lp.crypt.casino/video-ad/css/dark-purple.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 16:09:00 GMT
server: cloudflare
age: 6296
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c213959ee14d705-FRA
content-length: 28123
cf-request-id: 0488a22c350000d705c2152200000001

GET
H2 200 XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v13/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v13/XRXV3I6Li01BKofINeaBTMnFcQ.woff2

Requested by

Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito
Origin: https://lp.crypt.casino

Response headers

date: Tue, 11 Aug 2020 01:37:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 21:54:06 GMT
server: sffe
age: 199173
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13992
x-xss-protection: 0
expires: Wed, 11 Aug 2021 01:37:05 GMT

GET
H2 200 webfa-solid-900.woff2
lp.crypt.casino/fonts/vendor/@fortawesome/fontawesome-free/ 74 KB
74 KB 19ms
19ms Font
font/woff2 2606:4700:3030::681b:b9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.crypt.casino/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?44d537ab79f921fde5a28b2c1636f397
Requested by: Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:b9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://lp.crypt.casino/video-ad/css/dark-purple.css
Origin: https://lp.crypt.casino

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Apr 2020 16:10:58 GMT
server: cloudflare
age: 6754
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c213959ee15d705-FRA
content-length: 75728
cf-request-id: 0488a22c350000d705c2153200000001

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 106ms
35ms Fetch
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=a3d89882a6e2ea197210cc5f3463ff65
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/a3d89882a6e2ea197210cc5f3463ff65/client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: be340c0812c33db5a4da4b6745b706eb516c3fd55480cf6f40bbd8d091c6b5b3

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:38 GMT
x-correlation-id: cb6bc42b8c7096c94f8a65327cf97630
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158742956-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1377
date: Thu, 13 Aug 2020 08:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 13 Aug 2020 10:33:41 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=544760706&t=pageview&_s=1&dl=https%3A%2F%2Flp.crypt.casino%2F%3Flp%3Dvideo-ad%26video%3Dbaccarat%26cid%3Dac22cb7ikfyblf99%26uclick%3Db7ikfybl...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158742956-1&cid=552019219.1597308999&jid=80142034&_gid=1101512524.1597308999&gjid=387076967&_v=j81&z=1257391224

35 B
421 B

45ms
15ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158742956-1&cid=552019219.1597308999&jid=80142034&_gid=1101512524.1597308999&gjid=387076967&_v=j81&z=1257391224

Requested by

Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 13 Aug 2020 08:56:38 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 08:56:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-158742956-1&cid=552019219.1597308999&jid=80142034&_gid=1101512524.1597308999&gjid=387076967&_v=j81&z=1257391224
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 30ms
12ms Script
text/javascript 2606:4700:3035::6812:2137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/a3d89882a6e2ea197210cc5f3463ff65/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:2137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b9ef2c04e9b7f5bca59b3898b29b10c14a2ae83c480949ef39c345c3c82f617

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 344
status: 200
x-amz-request-id: 023013F76D7E3C1C
x-amz-id-2: TwyCltrV2R65sd0cynLVVCl/ejqJHBccmr8ES6j5Fsphkmd0jvhjDN8qipeIUHifqzpA1zMWgf8=
last-modified: Thu, 02 Jul 2020 10:07:01 GMT
server: cloudflare
etag: W/"ca301b543b7b6cb0fe41e1748ee7d0f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=600
cf-request-id: 0488a22d720000d6bdd11c2200000001
cf-ray: 5c21395beb3fd6bd-FRA

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 191ms
58ms Fetch 52.29.101.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=a3d89882a6e2ea197210cc5f3463ff65&user_id=746d6a94-7234-4932-9faa-7cfdeb8c5c72&utmb=3a2ec057-c4a1-426f-9b6c-f42fa95dc446&path=https%3A%2F%2Flp.crypt.casino%2F%3Flp%3Dvideo-ad%26video%3Dbaccarat%26cid%3Dac22cb7ikfyblf99%26uclick%3Db7ikfybl%26uclickhash%3Db7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116&referrer=http%3A%2F%2Fusa.caralla-ver.com%2Fzcredirect%3Fvisitid%3De51d15a6-dd42-11ea-b5e1-0a42615b5fff%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.29.101.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-101-194.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 08:56:39 GMT
x-correlation-id: 766b3eb6c2c494e18a1f4d6ffcd13fc8
x-content-type-options: nosniff
server: nginx
status: 201
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: lp.crypt.casino
URL: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

a0d3ad2bd0bb836d67e587c3b497fc7275294125707b05bc38624cf787086dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 08:56:39 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
status: 200
cache-control: no-cache
content-type: application/javascript
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflm7q--B/ 90 KB
33 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflm7q--B/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a09f19ac3a6fb7a6db7aa92dc9a888e9f6f169b18171d6d958693399af19c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 23:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121833
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33291
x-xss-protection: 0
last-modified: Tue, 11 Aug 2020 20:57:58 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 19 Aug 2020 23:06:06 GMT

GET
H2 200 zyIhuSgJwUM
www.youtube.com/embed/ Frame D083 0
0 76ms
75ms Document
text/html 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/zyIhuSgJwUM?rel=0&showinfo=0&ecver=2&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Flp.crypt.casino&widgetid=1

Requested by

Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflm7q--B/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/zyIhuSgJwUM?rel=0&showinfo=0&ecver=2&autoplay=1&enablejsapi=1&origin=https%3A%2F%2Flp.crypt.casino&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: VISITOR_INFO1_LIVE=XTmf7C1dgZw; YSC=ulMGTb7jmO4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://lp.crypt.casino/?lp=video-ad&video=baccarat&cid=ac22cb7ikfyblf99&uclick=b7ikfybl&uclickhash=b7ikfybl-b7ikfybl-fe-0-fe-vr-b4-4cf116

Response headers

status: 200
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 11240
content-encoding: br
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Thu, 13 Aug 2020 08:56:39 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: GPS=1; path=/; domain=.youtube.com; expires=Thu, 13-Aug-2020 09:26:39 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 11:41:50	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ulMGTb7jmO4
lp.crypt.casino/	1970-01-19 11:41:50	Name: GN_SESSION_ID_KEY Value: 3a2ec057-c4a1-426f-9b6c-f42fa95dc446
lp.crypt.casino/	1970-01-20 05:13:00	Name: GN_USER_ID_KEY Value: 746d6a94-7234-4932-9faa-7cfdeb8c5c72
.youtube.com/	1970-01-19 16:01:00	Name: VISITOR_INFO1_LIVE Value: XTmf7C1dgZw
.crypt.casino/	1970-01-19 11:41:49	Name: _gat_gtag_UA_158742956_1 Value: 1
.crypt.casino/	1970-01-19 11:43:15	Name: _gid Value: GA1.2.1101512524.1597308999
.crypt.casino/	1970-01-20 05:13:00	Name: _ga Value: GA1.2.552019219.1597308999
.crypt.casino/	1970-01-19 12:25:00	Name: __cfduid Value: dddaf8a4c23280e867c091e489558b2191597308998

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.gravitec.net/storage/a3d89882a6e2ea197210cc5f3463ff65/client.js(Line 1) Message: 🔔 Notifications API is not supported

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.binance.com
api.gravitec.media
cdn.gravitec.media
cdn.gravitec.net
code.jquery.com
cryptcasino.su
fonts.googleapis.com
fonts.gstatic.com
game-workshop.com
img.sedoparking.com
lp.crypt.casino
s.ytimg.com
stats.g.doubleclick.net
usa.caralla-ver.com
ww1.game-workshop.com
www.binance.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
13.226.155.238
13.226.155.6
205.234.175.175
209.197.3.24
213.174.135.2
2606:4700:3030::681b:b9b2
2606:4700:3035::6812:2137
2606:4700:3037::6812:3662
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:818::2003
2a00:1450:4001:818::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9b
5.79.68.101
52.29.101.194
54.174.38.189
91.195.240.136
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f685240b0f08b8a0d54bcbf4adf7da07b0d75f1ed6c901f9c769283d31c8127
2029d434d1c786fc9784c6053d180704e05ae0106b54080b5bc9c784432ef847
2f2d0f169db61192bc2b48f4fd349b3276a0e153eff4494c2bf10a42253a5c7a
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
4b9ef2c04e9b7f5bca59b3898b29b10c14a2ae83c480949ef39c345c3c82f617
4d539d5fb13daf683d0179d484c3c701b3514f9a3f0221f923222bafa9a5bd3c
4f5c99b27cdd87cb4673fe9aa93e905eb7bb1d211d31c6d25ecc5be8b3d70158
5a1575d4c59d3417b02770b24fde1346c0e62f3d3174a81bb3479c207198c08d
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
65216194969aef355b4cfa26b4a9bc66e349f02e3c1e7ff056e7409a3d537295
6a09f19ac3a6fb7a6db7aa92dc9a888e9f6f169b18171d6d958693399af19c99
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846364adf745c36a5c49b24cdb10bdc009e6f73af82954d25628c77000b5aa9c
94d5c7f1661301c4a6dc491d72dd559a0620cd917a826f0df1b023bb96ea9ddd
962e28ddd7aae7feac328f8c76b024ece5356237d0742d8e5f8c75f8d4d24a0e
972a128ca068db8ce66360a44534223aab38435f5ee2b09d009ff915e8773fa2
9c6997de44d59f9415446a6564d2209d986d747993e758ca5c252dbd4ec110c6
9cedd4104d5504c690b9418933be3e2ad6137ee353eac8b10850d06755e9f938
a0d3ad2bd0bb836d67e587c3b497fc7275294125707b05bc38624cf787086dec
b2c23e757cd43a529b4ef726b6b25c216d3c8222db463b1b0ec0b79d91526635
b58d5490059a38ce2030dda0ee7328a793fcb05a163ceeea5b38ae4b8504b15b
bda02dddb98550df87131a604a48e26a0942095d3840e38ddaa91beacf7086d4
be340c0812c33db5a4da4b6745b706eb516c3fd55480cf6f40bbd8d091c6b5b3
c2e6a50485c11f5348928fd0481be6b019636137ea8fa1158636b1e32a8b07b4
d042eb2c6bd5195fbe9c18f8a70f0a603918c018c1b539cc204f85dc5abb6bc0
d2aa34dd983c608e12d6da9412f72d08776248d615aff61898d4a6fc096899c5
d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504
e186f74c971a978c1daf20bb51a1b71bcb075d8d09d678ee1d12665c136b1487
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef5df124a5fdb52345c318a02e8e9f6128c67b40d01005e02d53218a64d37ae3
f255b4bc15d4960d942a1fd4a6eedb11126092acbc9ddc937a4efc68cfc18510
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

lp.crypt.casino Open in urlscan Pro 2606:4700:3030::681b:b9b2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

82 %HTTPS

55 %IPv6

16 Domains

20 Subdomains

18 IPs

4 Countries

700 kBTransfer

2274 kBSize

9 Cookies

28 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

lp.crypt.casino Open in urlscan Pro
2606:4700:3030::681b:b9b2 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

82 %
HTTPS

55 %
IPv6

16
Domains

20
Subdomains

18
IPs

4
Countries

700 kB
Transfer

2274 kB
Size

9
Cookies

38 HTTP transactions
0 data transactions